feat(panos): wip - add panorama support

GoogleCloudPlatform · Jun 17, 2021 · d7dbae3 · d7dbae3
1 parent 4b73505
commit d7dbae3
Show file tree

Hide file tree

Showing 11 changed files with 1,413 additions and 105 deletions.
diff --git a/cmd/provider_cmd_panos.go b/cmd/provider_cmd_panos.go
@@ -16,6 +16,7 @@ package cmd
 
 import (
 	"log"
+	"reflect"
 	"strings"
 
 	panos_terraforming "github.com/GoogleCloudPlatform/terraformer/providers/panos"
@@ -30,15 +31,27 @@ func newCmdPanosImporter(options ImportOptions) *cobra.Command {
 		Short: "Import current state to Terraform configuration from a PAN-OS",
 		Long:  "Import current state to Terraform configuration from a PAN-OS",
 		RunE: func(cmd *cobra.Command, args []string) error {
+			var t interface{}
+
 			if len(vsys) == 0 {
 				var err error
 
-				vsys, err = panos_terraforming.GetVsysList()
+				vsys, t, err = panos_terraforming.GetVsysList()
+				if err != nil {
+					return err
+				}
+			} else {
+				c, err := panos_terraforming.Initialize()
 				if err != nil {
 					return err
 				}
+
+				t = reflect.TypeOf(c)
 			}
 
+			resources := panos_terraforming.FilterCallableResources(t, options.Resources)
+			options.Resources = resources
+
 			originalPathPattern := options.PathPattern
 			for _, v := range vsys {
 				provider := newPanosProvider()
@@ -57,7 +70,7 @@ func newCmdPanosImporter(options ImportOptions) *cobra.Command {
 	}
 
 	cmd.AddCommand(listCmd(newPanosProvider()))
-	baseProviderFlags(cmd.PersistentFlags(), &options, "device_config,firewall_networking,firewall_objects", "")
+	baseProviderFlags(cmd.PersistentFlags(), &options, "firewall_device_config,firewall_networking,firewall_objects,firewall_policy", "")
 	cmd.PersistentFlags().StringSliceVarP(&vsys, "vsys", "", []string{}, "")
 
 	return cmd

diff --git a/docs/panos.md b/docs/panos.md
@@ -7,7 +7,7 @@ Example:
  export PANOS_USERNAME=[PANOS_USERNAME]
  export PANOS_PASSWORD=[PANOS_PASSWORD]
 
- terraformer import panos --resources=device_config,firewall_networking,firewall_objects,firewall_policy
+ terraformer import panos --resources=firewall_device_config,firewall_networking,firewall_objects,firewall_policy
 ```
 The list of usable environment variables is the same as the [pango go-client](https://github.com/PaloAltoNetworks/pango):
 *  `PANOS_HOSTNAME`
@@ -24,7 +24,7 @@ The list of usable environment variables is the same as the [pango go-client](ht
 
 Here is the list of resources which are currently supported:
 
-*   `device_config`
+*   `firewall_device_config`
     * `panos_general_settings`
     * `panos_telemetry` 
     * `panos_email_server_profile`
@@ -91,3 +91,13 @@ Here is the list of resources which are currently supported:
     * `panos_nat_rule_group`
     * `panos_pbf_rule_group`
     * `panos_security_rule_group`
+*   `panorama_device_config`
+    * `panos_device_group_parent`
+    * `panos_panorama_device_group`
+    * `panos_panorama_email_server_profile`
+    * `panos_panorama_http_server_profile`
+    * `panos_panorama_snmptrap_server_profile`
+    * `panos_panorama_syslog_server_profile`
+    * `panos_panorama_template`
+    * `panos_panorama_template_stack`
+    * `panos_panorama_template_variable`
diff --git a/providers/panos/device_config.go → providers/panos/firewall_device_config.go b/providers/panos/device_config.go → providers/panos/firewall_device_config.go
@@ -16,13 +16,14 @@ package panos
 
 import (
 	"github.com/GoogleCloudPlatform/terraformer/terraformutils"
+	"github.com/PaloAltoNetworks/pango"
 )
 
-type DeviceConfigGenerator struct {
+type FirewallDeviceConfigGenerator struct {
 	PanosService
 }
 
-func (g *DeviceConfigGenerator) createResourcesFromList(o getGeneric, idPrefix, terraformResourceName string) (resources []terraformutils.Resource) {
+func (g *FirewallDeviceConfigGenerator) createResourcesFromList(o getGeneric, idPrefix, terraformResourceName string) (resources []terraformutils.Resource) {
 	l, err := o.i.(getListWithOneArg).GetList(o.params[0])
 	if err != nil {
 		return []terraformutils.Resource{}
@@ -42,7 +43,7 @@ func (g *DeviceConfigGenerator) createResourcesFromList(o getGeneric, idPrefix,
 	return resources
 }
 
-func (g *DeviceConfigGenerator) createGeneralSettingsResource(hostname string) terraformutils.Resource {
+func (g *FirewallDeviceConfigGenerator) createGeneralSettingsResource(hostname string) terraformutils.Resource {
 	return terraformutils.NewSimpleResource(
 		hostname,
 		normalizeResourceName(hostname),
@@ -52,7 +53,7 @@ func (g *DeviceConfigGenerator) createGeneralSettingsResource(hostname string) t
 	)
 }
 
-func (g *DeviceConfigGenerator) createTelemetryResource(ipAddress, hostname string) terraformutils.Resource {
+func (g *FirewallDeviceConfigGenerator) createTelemetryResource(ipAddress, hostname string) terraformutils.Resource {
 	return terraformutils.NewSimpleResource(
 		ipAddress,
 		normalizeResourceName(hostname),
@@ -62,31 +63,31 @@ func (g *DeviceConfigGenerator) createTelemetryResource(ipAddress, hostname stri
 	)
 }
 
-func (g *DeviceConfigGenerator) createEmailServerProfileResources() []terraformutils.Resource {
-	return g.createResourcesFromList(getGeneric{g.client.Device.EmailServerProfile, []string{g.vsys}},
+func (g *FirewallDeviceConfigGenerator) createEmailServerProfileResources() []terraformutils.Resource {
+	return g.createResourcesFromList(getGeneric{g.client.(*pango.Firewall).Device.EmailServerProfile, []string{g.vsys}},
 		g.vsys+":", "panos_email_server_profile",
 	)
 }
 
-func (g *DeviceConfigGenerator) createHTTPServerProfileResources() []terraformutils.Resource {
-	return g.createResourcesFromList(getGeneric{g.client.Device.HttpServerProfile, []string{g.vsys}},
+func (g *FirewallDeviceConfigGenerator) createHTTPServerProfileResources() []terraformutils.Resource {
+	return g.createResourcesFromList(getGeneric{g.client.(*pango.Firewall).Device.HttpServerProfile, []string{g.vsys}},
 		g.vsys+":", "panos_http_server_profile",
 	)
 }
 
-func (g *DeviceConfigGenerator) createSNMPTrapServerProfileResources() []terraformutils.Resource {
-	return g.createResourcesFromList(getGeneric{g.client.Device.SnmpServerProfile, []string{g.vsys}},
+func (g *FirewallDeviceConfigGenerator) createSNMPTrapServerProfileResources() []terraformutils.Resource {
+	return g.createResourcesFromList(getGeneric{g.client.(*pango.Firewall).Device.SnmpServerProfile, []string{g.vsys}},
 		g.vsys+":", "panos_snmptrap_server_profile",
 	)
 }
 
-func (g *DeviceConfigGenerator) createSyslogServerProfileResources() []terraformutils.Resource {
-	return g.createResourcesFromList(getGeneric{g.client.Device.SyslogServerProfile, []string{g.vsys}},
+func (g *FirewallDeviceConfigGenerator) createSyslogServerProfileResources() []terraformutils.Resource {
+	return g.createResourcesFromList(getGeneric{g.client.(*pango.Firewall).Device.SyslogServerProfile, []string{g.vsys}},
 		g.vsys+":", "panos_syslog_server_profile",
 	)
 }
 
-func (g *DeviceConfigGenerator) InitResources() error {
+func (g *FirewallDeviceConfigGenerator) InitResources() error {
 	if err := g.Initialize(); err != nil {
 		return err
 	}
@@ -95,7 +96,7 @@ func (g *DeviceConfigGenerator) InitResources() error {
 		g.vsys = "shared"
 	}
 
-	generalConfig, err := g.client.Device.GeneralSettings.Get()
+	generalConfig, err := g.client.(*pango.Firewall).Device.GeneralSettings.Get()
 	if err != nil {
 		return err
 	}